Two ethical hackers managed to exploit zero-day vulnerabilities in the Zoom Messenger desktop client to execute random code on a victim’s computer.
Daan Keuper and Thijs Alkemade from CompuTest Security demonstrated their heroism in the ongoing Pwn2Own hacking competition and were awarded a bug bounty of US $ 200,000 by the video conferencing service.
Commenting on the exploit, Keuper said that previous Zoom vulnerabilities allowed attackers to infiltrate the calls, but their exploit was much more serious as the attacker could take over the entire system.
We take a look at how our readers are using VPN for an upcoming in-depth report. We’d love to hear your thoughts in the poll below. It won’t take more than 60 seconds.
>> Click here to start the survey in a new window <
Hijack remote systems
The ethical hackers chained three vulnerabilities in Zoom Messenger to create their exploit.
Even more alarming is the fact that they …